CVE-2025-31976 - Vulnerability Details

- HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials

Description

HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated. .

Published: 2026-05-06

Score: 4.8 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

HCL BigFix Service Management (SM) suffers from insufficiently protected credentials while it communicates with a backend internal application. The flaw, classified as CWE-200 and CWE-522, allows an attacker who can observe or intercept this short‑lived transmission to capture the credentials and potentially misuse them for unauthorized access. The vulnerability does not grant immediate remote code execution or denial of service; its primary danger is credential compromise and the downstream attacks it enables.

Affected Systems

The affected product is HCL Software’s BigFix Service Management (SM). No specific version numbers are listed in the data, so all current installations are considered potentially vulnerable until a patch is applied.

Risk and Exploitability

The CVSS score of 4.8 indicates moderate severity, while the EPSS score of 0.00028 (≈0.03%) indicates a very low exploitation probability, and the vulnerability is not listed in CISA’s KEV catalog. The likely attack vector is network interception between SM and its backend during the brief credential transmission period; an attacker would need network access that allows sniffing or man‑in‑the‑middle. Because the credentials are only briefly exposed, the opportunity window is narrow, but the impact of any exfiltrated credentials could be significant if used to gain further access.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

HCL Software

BigFix Service Management (SM)

unaffected

Version	Status	Constraints
`23`	affected	—

Configuration 1 [-]

cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Hcltech

Bigfix Service Management

83%

Version	Status	Scheme	Platform
`23`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest vendor‑issued patch or update for HCL BigFix Service Management.
Ensure that credentials used by SM are stored securely, e.g., encrypted or hashed, to mitigate risk of credential exposure (CWE-522).
Configure the communication between SM and its backend to use encrypted channels such as TLS or VPN to prevent credential interception.
Implement network segmentation and strict access controls around the SM backend to limit exposure to potential sniffing hosts.
Enable monitoring for unusual credential usage patterns and alert on suspected misuse.

Generated by OpenCVE AI on May 7, 2026 at 17:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00046.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144

History

Thu, 07 May 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hcltech Hcltech bigfix Service Management
Weaknesses		CWE-522
CPEs		cpe:2.3:a:hcltech:bigfix_service_management:23.0:::::::*
Vendors & Products		Hcltech Hcltech bigfix Service Management

Wed, 06 May 2026 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 06 May 2026 14:30:00 +0000

Type	Values Removed	Values Added
Description		HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated. .
Title		HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials
Weaknesses		CWE-200
References		https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144
Metrics		cvssV3_1 `{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N'}`

Subscriptions

Hcltech Bigfix Service Management

MITRE

Status: PUBLISHED

Assigner: HCL

Published: 2026-05-06T13:49:39.462Z

Updated: 2026-05-06T14:47:08.920Z

Reserved: 2025-04-01T18:46:26.620Z

Link: CVE-2025-31976

Vulnrichment

Updated: 2026-05-06T14:47:05.829Z

NVD

Status : Analyzed

Published: 2026-05-06T15:16:06.100

Modified: 2026-05-07T16:30:53.400

Link: CVE-2025-31976

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-07T18:15:34Z

Weaknesses

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-522
Insufficiently Protected Credentials

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object